1
0
Fork 0

Improve QueryEscape helper function (#29768)

Make it return "template.URL" to follow Golang template's context
auto-escaping.

(cherry picked from commit 3e94ac5c7c6751919453fdb66ba3472e2793759e)
This commit is contained in:
wxiaoguang 2024-03-13 21:32:30 +08:00 committed by Earl Warren
parent 3bd42e5879
commit 5bb08e2bd7
No known key found for this signature in database
GPG key ID: 0579CB2928A78A00

View file

@ -38,7 +38,7 @@ func NewFuncMap() template.FuncMap {
"SafeHTML": SafeHTML, "SafeHTML": SafeHTML,
"HTMLFormat": HTMLFormat, "HTMLFormat": HTMLFormat,
"HTMLEscape": HTMLEscape, "HTMLEscape": HTMLEscape,
"QueryEscape": url.QueryEscape, "QueryEscape": QueryEscape,
"JSEscape": JSEscapeSafe, "JSEscape": JSEscapeSafe,
"SanitizeHTML": SanitizeHTML, "SanitizeHTML": SanitizeHTML,
"URLJoin": util.URLJoin, "URLJoin": util.URLJoin,
@ -229,6 +229,10 @@ func JSEscapeSafe(s string) template.HTML {
return template.HTML(template.JSEscapeString(s)) return template.HTML(template.JSEscapeString(s))
} }
func QueryEscape(s string) template.URL {
return template.URL(url.QueryEscape(s))
}
// DotEscape wraps a dots in names with ZWJ [U+200D] in order to prevent autolinkers from detecting these as urls // DotEscape wraps a dots in names with ZWJ [U+200D] in order to prevent autolinkers from detecting these as urls
func DotEscape(raw string) string { func DotEscape(raw string) string {
return strings.ReplaceAll(raw, ".", "\u200d.\u200d") return strings.ReplaceAll(raw, ".", "\u200d.\u200d")